• Identity 101
  • Malvertising: Definition, Techniques & Defense

Malvertising: Definition, Techniques & Defense

Updated: 10/02/2024 - 6:25
Time to read: 6 minutes

Malvertising is a malware-delivery device that uses common website elements. Some forms of malware require a click, such as tapping on an ad. Others can launch without any user interaction at all. 

Malvertising is relatively common. Estimates vary, but about 1 percent of all the ads you see online could hold this nasty element. 

Let's walk through what malvertising is and what it entails. Then, we'll dig into methods web browsers and website owners can use to block these attacks before they begin. 

What is malvertising?

Malware ads are a form of cyber attack in which hackers use a website you know and trust to execute dangerous code that puts your security at risk. 

There are two primary forms of malvertising:

  • Pre-click: Malware launches on your computer as the web page loads. You don't need to do anything to start it, and this form of attack is hard to stop. 
  • Post-click: You tap on an ad or some website element, and malware launches in response. 

Some types of malvertising launch ad malware on your computer. These programs display advertising for products you don't want, or they redirect your searches to advertising websites. At the same time, the program mines data about you to send back to the hackers. 

Hackers rely on known, trusted websites to launch these attacks. Visitors believe that anything on the site should be safe since they know the hosted company and have visited the site dozens of times. 

Most websites use advertising to pay for design, content creation, hosting, licensing, and more. Running a sophisticated site can be incredibly expensive, and ads help to buffer the cost. 

But ads tend to move through third-party brokers before hitting the site, and that means most website owners have no idea who is buying ads next to their content. If an attack begins, they may be the last to know about it. And they may feel powerless to stop it. 

The most famous malvertising attacks took place in 2015 and 2016. Hackers embedded their threats on prominent sites such as Spotify, the BBC, and The New York Times. The malware infected thousands of people with code that stole their information, launched suspicious websites, and more. 

Where can you find malvertising? 

A malvertisement must appear within digital content. Hackers need to run code to make their attacks work, and they can't use the technique in printed materials. 

In most cases, hackers choose content that is trendy or popular. For example, hackers crafted malvertising in coronavirus content in early 2020, as they knew consumers would be looking for information about the pandemic. 

You might also see malware on small, poorly maintained websites, as hackers can place almost any ad there with little oversight. 

But almost anything you could see on a website could have a malvertising component. Looking through a few malvertising examples makes the risk clear. You might encounter these problems in:

  • Advertising. Popup ads and banner ads are an easy way to spread malvertising across the internet. Some entice people to click to receive a deal. For example, you might find one that encourages you to download antivirus software for a low price. 
  • Content. A link or button within a piece of content directs you to a landing page. As that piece loads, your computer takes in a tracking pixel that gives